Recently, Marriott Hotels informed the world that they had been the victims of a massive data breach. As it turns out, the breach was even more serious than was initially reported.

As the company has learned more from the ongoing investigation into the matter, they’ve been doing an admirable job of keeping the public updated, even if the details are cringe-worthy.

According to the latest information, the breach of the Starwood Preferred Guest database impacted up to 383 million travelers, which is fewer than the company’s initial estimate of up to 500 million. Unfortunately, that’s the only bit of good news.

While the company initially downplayed the amount of information that was taken, they’re now saying that both credit card numbers and expiration dates were compromised. They underscored that the data was encrypted, but they also admit that they don’t yet know if the components needed to decrypt the data in a timely fashion were also compromised. Even if they weren’t, a determined hacker could still decrypt the information, putting every one of those card numbers at risk.

On top of that, the company has now confirmed that as many as 5.25 million unencrypted passport numbers were taken, along with more than twenty million encrypted passport numbers.

If you’re just hearing about this breach for the first time, the above is in addition to the company’s initial report that more than 327 million guests had non-payment information stolen.

The initial report included:

Customer name

Address

Phone numbers

Email addresses

Dates they stayed at Marriott hotels, along with departure dates

SPG account information

Date of birth

Gender

Other similar data

In short, before the most recent update, it was a serious breach by any definition. The inclusion of payment and passport information makes it even more so, even if the total number of impacted users is less than was originally estimated.

There’s a new side-channel attack to worry about. This one targets the operating system’s page cache, where a variety of sensitive data that has been accessed by the device’s owner is stored for rapid retrieval. Perhaps the worst and most ominous aspect of this newly identified threat is the fact that it’s not limited by hardware architecture, and has been found to work on both Windows and Linux-based machines.

This allows attackers to bypass sandboxes and other security protocols.

The research team is a motley collection of IT professionals hailing from Graz University of Technology, Boston University, NetApp, Intel, and CrowdStrike. They identified a number of possible ways a hacker might be able to use the newly identified attack vector and were even able (under certain conditions) to send data gleaned from the target system to a remote server.

The team pointed out that although they ran their tests on Windows and Linux machines, there’s no reason to think their methodology wouldn’t be successful on any other operating system currently in use today. This is a threat that potentially impacts the entire computing ecosystem. While many of the team’s experiments required that the would-be hacker have physical access to the device, they were able to demonstrate that under certain conditions, a remote attack was also possible.

On this front, the team had the following to say:

“Our remote attack leverages timing differences between memory and disk access, measured on a remote system, as a proxy for the required local information.”

They went on to explain that this could be achieved by measuring soft page faults, which happen any time a page is erroneously mapped. In this manner, the team was able to send data between the target system and a remote web server.

It should be noted that this attack has not been seen in the wild, but Microsoft, for one, is wasting no time addressing it. There’s already a mitigation routine built into Windows Insider build 18305, and it’s expected to be rolled out to the user base at large in the months ahead.

All that to say, it’s dangerous, but not as devastating as it otherwise could be. Even so, it’s something to keep on your radar.

One of the exciting new features offered by the latest smartphones is facial recognition, which allows users to unlock their devices simply by looking at them. On paper, it’s a great feature and incredibly convenient, but there’s a problem. The issue was uncovered by a non-profit group called the Dutch Consumentenbond, which tested more than a hundred smartphones offered by a broad spectrum of vendors.

Their findings were disturbing to say the least.

It seems that advances in technology have rendered the new facial recognition routines easily hacked. The group found that nearly 40 percent of the phones they tested could be unlocked by a hacker displaying a high-resolution photograph in front of the camera.

These photos are such high quality that they can fool the software designed to protect the user. This allows any hacker who has access to a high-resolution photo of the phone’s owner complete and unfettered access to anything on the device. After all, as far as the phone is concerned, you’re the one unlocking it!

Unfortunately, given the fact that most people these days are engaged on at least one social media platform, high-res photographs are incredibly easy to come by. Even if you’re not personally engaged in social media on any platform, given the ubiquity of high-quality cameras on the smart devices available for sale today, it’s incredibly easy to snap a picture of the owner of the phone either before or after the hacker has made off with it.

The issue here is twofold: First, a growing percentage of people do their banking and make a variety of purchases via their phones, meaning that all of the data associated with those accounts would be available to a hacker who stole the phone. Second, companies selling phones with the facial recognition unlock feature are touting it as highly secure, when it very clearly isn’t, giving their user base a false sense of security.

Beware. Facial recognition unlock is much easier to hack than manufacturers are letting on!

Two new critical flaws have been discovered in Adobe Acrobat and Reader that require your urgent attention.

In fact, the flaws were rated as so severe that the company broke with its tradition of releasing security updates around the middle of the month in coordination with Microsoft’s “Patch Tuesday”.

They released an update sooner this time, in order to make sure that these issues were resolved, and ensure the fixes were in the hands of their users.

The first issue, listed as CVE-2018-16011, is a use-after-free vulnerability that allows a hacker to craft a special, poisoned PDF embedded with code that could allow them to take full control of the system targeted by the attack.

The second, identified as CVE-2018-16018, bypasses the JavaScript API restrictions in place on Adobe Reader.

The flaws can be found in Acrobat DC and Reader versions 2019.010.20064 and older, on both Windows and macOS. The company recommends updating to version 2019.010.20069 to address the flaws and be sure your system is protected.

The company has listed both of these as critical flaws with a rating of two, which is about as serious as it gets.

In related news, we have learned that Adobe’s regularly scheduled security patch will address a total of 87 security flaws across a range of the company’s products, with 39 of the issues patched being rated as critical.

Kudos to Adobe for breaking with their tradition and addressing both of these flaws ahead of their regularly scheduled update. It’s a sad testament to the times we live in that such actions are becoming increasingly necessary. However, it’s always good to see instances of prominent tech companies rising to the occasion and looking out for the best interests of their user base.

Be sure to grab these updates and apply them as soon as feasible if you use either of the products mentioned above.

Google has been busy in recent weeks. They’ve removed a staggering 85 apps from their Play Store when they discovered that they were pushing highly aggressive adware to the users who downloaded them.

The apps the company removed were wearing a number of disguises, passing themselves off as everything from games, to remote control simulators, to streaming video services, and more. On occasion, they actually delivered at least some functionality to the user. Unfortunately, they also pushed an excessive number of full-screen ads and pop-ups.

Although Google has a fairly robust system in place designed to prevent such apps from winding up on the Play Store to begin with, a steady stream of malicious apps continues to make an appearance. Worse, the company didn’t spot the ones they recently removed. Researchers at Trend Micro made the discovery, and informed Google.

To the company’s credit, they responded immediately, but the damage had already been done. Taken together, the apps in question had already been downloaded more than nine million times by the time the company purged them from their system.

Even after notifying Google of their discovery, Trend Micro continued to test the apps they discovered and found that they came from a variety of different developers, although many of them shared the same, or at least highly similar code.

The two best strategies to avoid these kinds of apps are about as straightforward as it gets:

Do your due diligence and steer clear of any app that doesn’t have stellar ratings and solid reviews.

Be sure you’ve got a good antivirus app on your device with ad blocking functionality.

If, even after following that advice, your system still winds up getting infected and you find yourself bombarded with unwanted ads, uninstall the offending app immediately.

Are you still using Internet Explorer? Now you have a new reason to consider switching to a more up to date browser.

As most people know, Microsoft essentially gave up on Explorer after it failed to gain ground against its major competitors in the browser ecosystem. They started fresh, with Microsoft Edge, designed as a modern replacement.

Unfortunately, there are still legions of faithful IE users hanging on, and they are at risk. The company recently received a notification from Google’s Threat Analysis Group alerting them to the presence of a flaw, which centers around the way the software’s scripting engine handles objects in memory.

Worse, although the company did not provide any details, a separately published advisory on the topic made clear that this flaw has been seen in the wild and is actively being used by hackers.

The issue is so severe that Microsoft broke with its own policy and issued an emergency update to fix the flaw for IE holdout users. If, for whatever reason, you have yet to switch to some other browser, this is one security update you won’t want to miss. You’ll find it on the company’s website indexed as CVE-2018-8653. The company has also made clear that there are no known workarounds for this issue, except to install the latest patch.

Ultimately, of course, the best solution would be to seriously consider migrating away from the use of Internet Explorer. Microsoft will likely continue to issue emergency patches as other issues are discovered. Unfortunately though, they have formally ended support for the product, so there’s no guarantee. Every day you continue using the outdated browser, you put yourself at unnecessary and entirely avoidable risk.

If you haven’t already got firm plans in place to migrate to some other browser, this is one more in a long list of compelling reasons to make it a priority.

According to Alexa, Amazon is the 4th most visited website in the United States and ranks 8th worldwide. To say that it gets a lot of traffic every day would be an understatement, which is why a newly discovered phishing campaign pretending to come from Amazon is so disturbing.

Although Amazon sees heavy traffic every day of the year, things get especially frenzied during the holidays as shoppers flock to the company’s website to buy Christmas presents for friends and family. Scammers know this and seek to take advantage of unwary shoppers, thus the genesis of their latest campaign. The security firm EdgeWave has been monitoring the development of the campaign.

Scammers are sending out well-crafted, sophisticated emails that appear to come from Amazon, featuring subject lines designed to draw the attention of online shoppers, such as “Your Amazon.com Order” or “Your Amazon Order (order number) has shipped.”

Naturally, if you’ve purchased something from Amazon, you’ll be inclined to open the email to get more information. You’ll then be presented with something that appears to be a legitimate order confirmation, although lacking in any specific details about the product.

In lieu of that, the scammers have placed an ‘Order Details’ button in the email, inviting users to click for additional information. Unfortunately, clicking the link downloads a Word document onto the user’s device. If the user tries to open it, they’ll get a message that says they need to enable content in order for the message to be properly displayed.

What this does in actuality though, is enable macros, which hackers and scammers have been using for years to inject malicious code onto PCs around the world, and sure enough, that’s exactly what happens in this case.

EdgeWave researchers have tested the poisoned document and discovered that as the download begins, what is apparently being downloaded is a file called ‘keyandsymbol.exe’. However, embedded in the code, they found references to mergedboost.exe.

By now, most people know better than to click links or open files, even when they seem to come from a trusted source. This latest campaign underscores the importance of ongoing education and friendly, periodic reminders.
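A mail-gateway style triage check for the macro-bearing Word attachment described above, as an added example that is not part of the original article: it classifies an attachment by container type and flags OOXML files that carry a VBA project. The function names and sample files are constructed for illustration; legacy OLE2 documents are only held for review, since confirming macros there needs an OLE parser.

```python
import io
import zipfile

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls compound file
ZIP_MAGIC = b"PK\x03\x04"                        # OOXML (.docx/.docm) is a ZIP


def classify_office_attachment(data: bytes) -> str:
    """Return 'ooxml-macro', 'ooxml-clean', 'ole2-legacy' or 'not-office'."""
    if data.startswith(OLE2_MAGIC):
        return "ole2-legacy"
    if not data.startswith(ZIP_MAGIC):
        return "not-office"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = [n.lower() for n in zf.namelist()]
    except zipfile.BadZipFile:
        return "not-office"
    # Every OOXML package has a content-types part at the archive root.
    if "[content_types].xml" not in names:
        return "not-office"
    # Macros live in a vbaProject.bin part, whatever the file extension says.
    if any(n.endswith("vbaproject.bin") for n in names):
        return "ooxml-macro"
    return "ooxml-clean"


def should_hold(data: bytes) -> bool:
    """Hold anything that can run macros once the user clicks 'Enable Content'."""
    return classify_office_attachment(data) in ("ooxml-macro", "ole2-legacy")


def build_sample(with_macro: bool) -> bytes:
    """Constructed sample package; the VBA part is placeholder bytes, not real VBA."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    samples = {
        "order_details.docx (constructed, macro inside)": build_sample(True),
        "invoice.docx (constructed, clean)": build_sample(False),
        "legacy.doc (constructed, header only)": OLE2_MAGIC + b"\x00" * 16,
    }
    for label, blob in samples.items():
        print(label, "->", classify_office_attachment(blob), "hold:", should_hold(blob))
```
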

Chromebooks are fun, cool machines that are incredibly popular with students, hipsters, artists, and the like. However, Google hasn’t been able to penetrate the Enterprise market with their product. It’s not hard to understand why.

Overwhelmingly, businesses use Windows-based machines. Many of the applications businesses rely on simply won’t work on a Chromebook, and there’s no viable equivalent. Even if there was, why bother switching when what you have is working?

It’s a fair point, and Google is taking steps to remove that objection to giving their Chromebooks a try in the Enterprise environment. The company is currently working on a dual boot Chromebook that will allow users to select either Windows 10 or ChromeOS at startup.

It’s a lot harder than you might think. Unlike Linux, which can coexist on the machine with ChromeOS, allowing users to run both operating systems at once if they like, that’s simply not possible with Windows. You can run one or the other, but you can’t run them both at the same time.

It’s an interesting move, but industry insiders don’t expect the change to boost Chromebook’s Enterprise footprint much. True, if an employee has a Chromebook at home and sometimes does work on it, the dual boot option will make that easier to do. Honestly though, the Chromebook doesn’t bring anything new or terribly useful to the Enterprise environment. Until and unless that changes, having a Chromebook that’s capable of running Windows 10 is interesting, but also unlikely to change many minds.

Even so, if you have employees who have been complaining that they can’t use their Chromebook to do work for your company, let them know that’s soon to be changing. It’s a small thing, and it won’t impact a huge swath of the people you employ, but it might bring smiles to a few faces at your firm and improve morale. That’s never a bad thing.

This spring, Windows 10 users will be treated to a raft of exciting new features.

Currently, the company’s massive test group of Windows Insiders is enjoying playing with them, but they’ll be available to everyone in the early part of next year.

Here are a few of the goodies you have to look forward to:

Windows Dark

Recent research has indicated that by using dark-colored themes on smartphones, you add up to 40 percent to your phone’s battery life. This research has prompted Google to begin offering “dark” versions of a growing number of its apps.

Microsoft is borrowing that page of the company’s playbook, and will begin introducing dark theme support to its File Explorer. Currently, users can enable Dark Theme support for File Explorer, but to do so, they have to enable the system-wide Dark theme setting. The coming change will allow users to enable the dark File Explorer theme independently of that setting.

Changes To Task Manager

At present, the company is testing a new feature that will allow users to select one of the tabs as the default, choosing among performance, app history, startup, users, details and services. It’s a small change, but significant, and one that a large segment of the user base has been clamoring for for quite some time.

Changes to Cortana

Microsoft is constantly testing and tweaking their digital assistant, so this one comes as no surprise. The company is currently exploring the idea of splitting Cortana and search. Therefore, these two features will appear as separate icons on the task bar. Another change under consideration is one where users will be allowed to swap out Cortana as their digital assistant for Alexa or some other offering, system-wide. Imagine being able to talk to Alexa via your PC!

These and many other changes are coming to Windows 10 in the months ahead. It will be interesting indeed to see how the OS’s massive user base responds to them, and which ones are enthusiastically embraced.

According to data collected by Truecaller, the number of robocalls worldwide increased by a staggering 300 percent in 2018, although they were down slightly in the U.S. This data, however, should be taken with a grain of salt for two reasons.

First and foremost, Truecaller did not conduct research to collect the data. They mined it from data collected by the people who use the Truecaller app.

Second, and perhaps less impactful, is the fact that in China, Truecaller has been branded as spyware, although no other nation that we know of has designated the app as such. In any case, Truecaller boasts an impressive, global user base, and their statistics are intriguing, if incomplete.

The United States, ranked last year as the 2nd most spammed nation on the planet, fell to 8th place this year, with users receiving an average of 17 robocalls a month, down from 21 a month according to last year’s data.

India, which was listed as the most spammed nation on the planet last year, dropped to second place and saw an overall decline of 1.5 percent in the number of robocalls received.

Contrast that with Brazil, which topped this year’s list as the most spammed country, with users there receiving a staggering 37 robocalls a month, mostly on account of the nation’s recent contentious election.

Overall, Truecaller users received a total of 17.7 billion spam calls between January and October of this year.

While the company offered no explanation as to what was driving the decline of spam calls in the US, industry insiders point to efforts by law enforcement to rein the industry in. This includes the fact that the Federal Trade Commission has filed a number of lawsuits over the course of this year. The FCC has also taken a much more active hand, in one case fining a robocall company a staggering $82 million.

Whatever the reason, people living in the US do seem to be seeing fewer robocalls this year, even as the global trend accelerates, which is good news indeed.